As
cyber threats continue to escalate and data breaches grow in scale and
prominence, there is nothing more important than keeping your business safe.
Unfortunately, these threats seem to evolve as quickly as the technology
designed to prevent them. You need a plan to keep your business ahead of the
game, protected and secure.

This
guide is designed to do just that by covering the following important topics:

Assessing your current
security

Before making any kind of major change, the first step should always be an assessment. When it comes to creating an IT strategy, conducting a risk assessment is crucial, especially if you have never done one before. Many small businesses assume that if they don’t have an IT department this assessment is unnecessary. This is not true. Risk assessments are designed to review all technology associated with your business, in order to uncover weaknesses and vulnerabilities. It then prioritizes these risks by impact and outlines a plan to address these risks.

Risk
assessments typically look at three categories:

Assets – equipment (even your slowest PC), software, and configurations that make up your IT infrastructure.

Threats – look for industry-specific threats and circumstances that might make the business uniquely targeted.

Vulnerabilities – ways your business could be compromised or exploited. This takes into account internal factors such as employees/former employees, firmware, patches, operating systems, and more.

A risk assessment should be taken seriously. Although it can take a significant investment in time and resources, it is worth both as the work you do now will save you considerable time, money, and grief in the long-run. Consider this: 67% of small and midsize businesses (SMB) experience cyber attacks, according to a recent study, while 47% have no idea of how to protect their business from these attacks.

Choosing a managed service
provider (MSP)

Increasingly,
small businesses are realizing the benefits of opting for proactive
IT services and choosing a managed
service provider (MSP) for their IT support and cybersecurity needs. MSPs
bring expertise, technology, and a variety of solutions to the partnership that
SMBs would otherwise be unable to afford. Typically SMBs pay a monthly fee for
access to these services, with the option to scale services as needed.

When it comes to choosing an MSP, the choices can feel overwhelming. Starting with a risk assessment is a great way to determine what your company’s immediate needs are, and gives you a place to start the conversation. As you begin your search for a trusted service provider, consider the following factors:

Services – Every MSP offers a unique range of services. What services are you looking for? Do you need to eliminate the bottlenecks? Do you need security services? Look for an MSP that can best meet your unique management and security needs.

Security – While the Cloud and security services inherently offer some security solutions, look for an MSP that values your security as much as they value their own.

Expertise – One of the benefits of partnering with an MSP is gaining from their expertise. It is essential that you find an MSP that is knowledgeable of your systems and able to provide creative solutions. For example, if your business works primarily with Macs, be sure to hire an MSP who has extensive experience working with Macs.

Customer service – As with any business relationship, excellent customer service is a must. Take note of staff experiences when communicating with different members of the team. Don’t overlook poor customer services just because you like the services they offer– see them for the red flags that they are.

Customization – Many MSPs offer unique customizations for the Cloud or for security services. Take note of these and how they may work to increase productivity for your business.

Onboarding – Ask each MSP about a potential timeline and cost for coming onboard. Each MSP has a different process and style, so it is important to understand what this looks like.

Cost – Once you have a complete rundown of what the MSP can offer you and what it can cost, be sure to look through the fine print to make sure you understand what to expect before signing a contract.

Security best practices

The
good news is that there are things you can do right now to improve your
business security. Most of these security best practices cost nothing to
implement, and they may actually save you money. In addition to utilizing all
of these practices yourself, it is essential to educate employees and implement
them business-wise.

Passwords – Always use strong, unique passwords for each device and account that you have. Never share your passwords or write them down. Don’t use passwords that can be guessed easily. Use multi-factor authentication (MFA) when it is available.

Connect securely – Whenever possible, connect to the internet using a secure internet connection. Be cautious of unsecured public Wi-Fi. If you must use a public connection, avoid entering sensitive data. You should also be careful when using mobile devices. Here are 7 ways to protect your private cell phone from hackers.

Download with caution – Downloads from unknown or untrusted sources can be used to install malware onto your computer. Also, beware of opening attachments from suspicious emails.

Update everything – While antivirus software can’t protect you from every threat, it is designed to detect and remove most known viruses and malware infections. It is important to keep the software up-to-date. It is also essential to keep your browser, operating system, and other frequently used software up-to-date as update often include security patches.

Backup and disaster
recovery (BDR) planning

The final piece of building your business security is designing a backup and disaster recovery (BDR) plan. While nobody wants to think about needing such a plan, the reality is that the world is unpredictable. While we can’t predict where disaster will strike, we do know that 40% of small businesses permanently closed their doors following a disaster. Do you like those odds? (Still not convinced? Read all about how disaster preparation pays off.)